SECURITY POLICY COMPLIANCE WITH PUPPET AND ANSIBLE. Sean M. Shore Best Buy MSP RHUG Dec 2017
|
|
- Marshall Booth
- 6 years ago
- Views:
Transcription
1 SECURITY POLICY COMPLIANCE WITH PUPPET AND ANSIBLE Sean M. Shore Best Buy MSP RHUG Dec 2017
2 THE PROBLEM Quarterly SOX and annual PCI audits Ever-expanding list of controls and covered servers Enormous legacy environment of artisanally-handcrafted servers
3 THE PROBLEM: ENFORCEMENT Constant drift except for a greenfield internal cloud environment, all servers maintained individually and ad hoc No mechanism for enforcement, no way to add new controls /etc/sudoers copied from server to server, no cleanup, no review Impossible to provide auditors with concise list of admin privileges
4 THE PROBLEM: REPORTING No reasonable way to gather data for auditors Operations staff log into servers individually and copy files Invalid/incomplete results No way to ensure proper standards on new builds outside the cloud environment End result: internal auditor findings to remediate
5 THE PROBLEM: LIMITED PUPPET Existing Puppet 3.x open source environment, limited to greenfield new VMs Ignored large legacy environment including physicals, RHEL 5, HP-UX, etc. Even in greenfield environment, sudoers was not fully maintained via Puppet Default /etc/sudoers enforced by Puppet, but all customizations manually copied and edited
6 STEP 1: ENFORCEMENT Goal: safely extend existing Puppet into brownfield Maintain SOX and PCI standards on all servers, regardless of status Began with build-out of new Puppet 4 capability, followed by environment-wide sudoers and access.conf rollout Migrate existing Puppet 3.x clients to new environment
7 OPTION: MONOLITHIC SUDOERS Single environment-wide file Previous experience with monolithic sudoers at other firms indicated that it was unworkable over time Easy to manage, but quickly grows to lines, no way to extract info for auditors without additional scripting
8 SUDOERS STUBS Stripped-down /etc/sudoers with #include /etc/sudoers.d/ Stubs for individual netgroups and service accounts, as configured by hiera Increased auditability each server has only the sudoers rules that are needed on that box Centrally located in git, where internal auditors can be given read-only access to view all the stubs /etc/security/access.conf managed similarly
9 LEVERAGING HIERA AND PUPPET 4 Custom facter fact to break down hostname into usable components Use hiera_array to pull in stubs as configured at different layers of hiera, all the way to common stubs Coded to take advantage of Puppet 4 functionality re: loops
10 HIERA.YAML From most to least specific: Per-node Type of server (e.g., prod financial webserver, dev order mgmt app server) Data center OS version Common Allows us to manage one-to-many as much as possible but allow for exceptions
11 SCM AND CI Danger of managing sudoers with Puppet: pushing bad code to entire environment Even administrators will be unable to run sudo if there are syntax issues Solution: Automated syntax linting Changes to sudoers and hieradata are linted on commit On success, promoted and automatically r10ked using GitLab CI API Not smart enough to monitor the wisdom of the sudo rules, but prevents catastrophe
12 OPERATIONALIZATION Puppet and GitLab CI have allowed us to safely hand over sudo administration to L1 and L2 staff Lead L2 staff can review code and have rights to merge sudo and puppet_control (hieradata) into production branch Commit logs contain Service Now ticket information for auditability
13 ROLLOUT Moved stepwise through the environment, Puppetizing small groups of legacy boxes, and expanding list of managed resources Used Ansible to roll out Puppet Install agent Set up conf file Sign certs NTP, resolv.conf, PAM configurations, rsyslog, etc. Within six months we had covered our entire Linux footprint All were now meeting audit requirements Misconfigurations automatically reverted
14 THE NEXT PROBLEM: REPORTING How do we prove that our boxes are meeting audit requirements? Legacy method was to have Operations staff log into each server individually, or at best write a one-off script, to gather relevant files and perform checks Too much effort, variable/incomplete results
15 REPORTING Puppet is great at enforcement, not so great at reporting Has no built-in notification mechanism Runs every 30 minutes do not want 48 reports per day per server Possible to hack, but poor fit for role
16 SOLUTION: ANSIBLE Created playbook and role, with tags for SOX and PCI, RHEL and HP- UX Other than copying over certain scripts and zipping up copies of files, Ansible make no changes on the systems Performs regex matching to ensure that configs are as expected Runs scripts to validate settings that would be cumbersome or impossible to run directly via Ansible Configured to not stop on failure, so that all systems and values are checked
17 SOLUTION: ANSIBLE Goal with each run is to have all green -- no changes needed Copies of all relevant files are zipped up and transferred back to the Ansible workstation All output, including the playbooks and roles themselves, is then uploaded to our site for auditor review
18 RESULTS Before: monthslong, error-prone effort requiring multiple Operations staff Usually required remediation with associated CRs, delays, etc. After: with Puppet-based enforcement, no remediation needed Data gathering can be performed across hundreds of servers by one individual in a couple of hours The big one: Audits passed, findings remediated and closed
19 QUESTIONS?
PUPPET. Use at General Mills
PUPPET Use at General Mills Preface HP UX platform at GMI is 15+ years old Consolidated Superdome architecture today Moving enterprise apps to RHEL6 Oracle SAP BW/BI Warehouse Management Short migration
More informationEPHEMERAL DEVOPS: ADVENTURES IN MANAGING SHORT-LIVED SYSTEMS
SESSION ID: CSV-W12 EPHEMERAL DEVOPS: ADVENTURES IN MANAGING SHORT-LIVED SYSTEMS Todd Carr DevOps Engineer Unity Technologies @frozenfoxx Who am I? DevOps Engineer at Unity Technologies Security Enthusiast
More informationDEVOPS TRAINING COURSE CONTENT
DEVOPS TRAINING COURSE CONTENT SECTION 1 Introduction to DevOps Certification What is DevOps? Why DevOps? Benefits of DevOps Overview of DevOps SECTION 2- Provisioning Vargant-What is vagrant-compare with
More informationLinux System Management with Puppet, Gitlab, and R10k. Scott Nolin, SSEC Technical Computing 22 June 2017
Linux System Management with Puppet, Gitlab, and R10k Scott Nolin, SSEC Technical Computing 22 June 2017 Introduction I am here to talk about how we do Linux configuration management at the Space Science
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationS Automating security compliance for physical, virtual, cloud, and container environments
S103174 - Automating security compliance for physical, virtual, cloud, and container environments Using Red Hat CloudForms, Red Hat Satellite, Red Hat Insights and Ansible Tower by Red Hat Lucy Huh Kerner
More information7 Steps to Complete Privileged Account Management. September 5, 2017 Fabricio Simao Country Manager
7 Steps to Complete Privileged Account Management September 5, 2017 Fabricio Simao Country Manager AGENDA Implications of less mature privileged account management What does a more mature approach look
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationContinuous Integration using Docker & Jenkins
Jenkins LinuxCon Europe 2014 October 13-15, 2014 Mattias Giese Solutions Architect giese@b1-systems.de - Linux/Open Source Consulting, Training, Support & Development Introducing B1 Systems founded in
More informationA WEB-BASED SOLUTION TO VISUALIZE OPERATIONAL MONITORING LINUX CLUSTER FOR THE PROTODUNE DATA QUALITY MONITORING CLUSTER
A WEB-BASED SOLUTION TO VISUALIZE OPERATIONAL MONITORING LINUX CLUSTER FOR THE PROTODUNE DATA QUALITY MONITORING CLUSTER BADISA MOSESANE EP-NU Supervisor: Nektarios Benekos Department: EP-NU Table of Contents
More informationCLOUD WORKLOAD SECURITY
SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly
More informationActifio Sky DB. Actifio s Solution for Oracle, Oracle EBS with standalone, RAC, ASM, EXADATA configurations
Actifio Sky DB Actifio s Solution for Oracle, Oracle EBS with standalone, RAC, ASM, EXADATA configurations The Big Database Problem Database Cloning Time-consuming. No self service. Storageintensive. Can
More informationAutomating, Securing, and Managing Cox Automotive's (AutoTrader) Big Data Infrastructure
Automating, Securing, and Managing Cox Automotive's (AutoTrader) Big Data Infrastructure with Ansible, Insights, and Satellite Abdi Hersi, Senior Linux Engineer Cox Automotive Will Nix, Principal Technical
More informationAgile CI/CD with Jenkins and/at ZeroStack. Kiran Bondalapati CTO, Co-Founder & Jenkins Admin ZeroStack, Inc. (
Agile CI/CD with Jenkins and/at ZeroStack Kiran Bondalapati CTO, Co-Founder & Jenkins Admin ZeroStack, Inc. (www.zerostack.com) Outline ZeroStack Hybrid Cloud Platform Jenkins and ZeroStack Jenkins at
More informationDevOps Course Content
DevOps Course Content 1. Introduction: Understanding Development Development SDLC using WaterFall & Agile Understanding Operations DevOps to the rescue What is DevOps DevOps SDLC Continuous Delivery model
More informationSecurity Compliance and Data Governance: Dual problems, single solution CON8015
Security Compliance and Data Governance: Dual problems, single solution CON8015 David Wolf Director of Product Management Oracle Development, Enterprise Manager Steve Ries Senior Systems Architect Technology
More informationAutomate the Lifecycle of IT
Automate the Lifecycle of IT Jonathan R. Hunter HPE Software Solution Architect April 27, 2016 Agenda Challenges Solutions Demo Case Study: Health Care Application Automation Call to Action Keynote Reflection
More informationSoftware configuration management
Software Engineering Theory Software configuration management Lena Buffoni/ Kristian Sandahl Department of Computer and Information Science 2017-03-27 2 Maintenance Requirements System Design (Architecture,
More informationLifecycle management with Foreman and Katello Basics and Spacewalk migration
Lifecycle management with Foreman and Katello Basics and Spacewalk migration Christian Stankowic www.stankowic-development.net Free and Open Source software Conference 19.08.2017 whoami Christian Stankowic
More informationL105190: Proactive Security Compliance Automation with CloudForms, Satellite, OpenSCAP, Insights, and Ansible Tower
L105190: Proactive Security Compliance Automation with CloudForms, Satellite, OpenSCAP, Insights, and Ansible Tower Lead Presenter: Lucy Kerner, Principal Technical Marketing Manager - Security, Red Hat
More informationplatform Development Process Optimization For Drupal centric projects
platform Development Process Optimization For Drupal centric projects Introduction This document explains how Platform impacts your Drupal centric project development process. Performance data from digital
More informationOverhauling Dev Arch with Ansible Tower and Docker
Overhauling Dev Arch with Ansible Tower and Docker Scott Van Velsor, Bryan Shake, Khaled Awwad June 29 1130a #redhat #rhsummit origins the landscape that came before branch & path limits no automation
More informationGoal 1: Maintain Security of ITS Enterprise Systems
INFORMATION TECHNOLOGY SERVICES University Technology Administration, Infrastructure and Support Open Systems Infrastructure Calendar Year 2019 Overview The primary mission of Open Systems Infrastructure
More informationSecurity as Code: The Time is Now. Dave Shackleford Founder, Voodoo Security Sr. Instructor, SANS
Security as Code: The Time is Now Dave Shackleford Founder, Voodoo Security Sr. Instructor, SANS Introduction Business is moving faster to the cloud, and DevOps is accelerating scale and pushing automation
More informationBelle II - Git migration
Belle II - Git migration Why git? Stash GIT service managed by DESY Powerful branching and merging capabilities Resolution of (JIRA) issues directly be map to branches and commits Feature freeze in pre-release
More informationMcAfee Database Security
McAfee Database Security Sagena Security Day 6 September 2012 September 20, 2012 Franz Hüll Senior Security Consultant Agenda Overview database security DB security from McAfee (Sentrigo) VMD McAfee Vulnerability
More informationUnify DevOps and SecOps: Security Without Friction
SANS Secure DevOps Summit Unify DevOps and SecOps: Security Without Friction Matt Alderman, CISSP Chief Strategy & Marketing Officer Layered Insight @maldermania Technology Trend #1: Infrastructure Migrates
More informationUSING GIT FOR AUTOMATION AND COLLABORATION JUSTIN ELLIOTT - MATT HANSEN PENN STATE UNIVERSITY
USING GIT FOR AUTOMATION AND COLLABORATION JUSTIN ELLIOTT - MATT HANSEN PENN STATE UNIVERSITY AGENDA Version control overview Introduction and basics of Git Advanced Git features Collaboration Automation
More informationDEVOPSIFYING NETWORK SECURITY. An AlgoSec Technical Whitepaper
DEVOPSIFYING NETWORK SECURITY An AlgoSec Technical Whitepaper Introduction This technical whitepaper presents and discusses the concept of Connectivity as Code, a complementary concept to Infrastructure
More informationCyber Hygiene: Uncool but necessary. Automate Endpoint Patching to Mitigate Security Risks
Cyber Hygiene: Uncool but necessary Automate Endpoint Patching to Mitigate Security Risks 1 Overview If you analyze any of the recent published attacks, two patterns emerge, 1. 80-90% of the attacks exploit
More informationLong Term Protection Model in R. Dr. Urszula Gasser, Senior Pricing Actuary
Long Term Protection Model in R Dr. Urszula Gasser, Senior Pricing Actuary 2 Disclaimer The following presentation is for general information, education and discussion purposes only. Views or opinions
More informationRevision control. INF5750/ Lecture 2 (Part I)
Revision control INF5750/9750 - Lecture 2 (Part I) Problem area Software projects with multiple developers need to coordinate and synchronize the source code Approaches to version control Work on same
More informationSUREedge MIGRATOR INSTALLATION GUIDE FOR HYPERV
SUREedge MIGRATOR INSTALLATION GUIDE 5.0.1 FOR HYPERV 2025 Gateway Place, Suite #480, San Jose, CA, 95110 Important Notice This document is provided "as is" without any representations or warranties, express
More informationActifio Test Data Management
Actifio Test Data Management Oracle MS SQL Faster Time To Market Start Release Time To Market (TTM) Finish Faster App Releases Faster Application Releases Faster TTM Increases Revenue Market Share Competitive
More informationCon$nuous Deployment with Docker Andrew Aslinger. Oct
Con$nuous Deployment with Docker Andrew Aslinger Oct 9. 2014 Who is Andrew #1 So#ware / Systems Architect for OpenWhere Passion for UX, Big Data, and Cloud/DevOps Previously Designed and Implemented automated
More informationRHUG SPECIAL SATELLITE RED HAT OFFICE MONTREAL, FEBRUARY 16, 2017
RHUG SPECIAL SATELLITE RED HAT OFFICE MONTREAL, FEBRUARY 16, 2017 Presented by: Domtar Shared Services Christophe Paulus James Dubuisson Gueorgui Tcherecharov DOMTAR IN BRIEF 150+ Years Old: From Dominion
More informationSUREedge MIGRATOR INSTALLATION GUIDE FOR NUTANIX ACROPOLIS
SUREedge MIGRATOR INSTALLATION GUIDE 5.0.1 FOR NUTANIX ACROPOLIS 2025 Gateway Place, Suite #480, San Jose, CA, 95110 Important Notice This document is provided "as is" without any representations or warranties,
More informationTM DevOps Use Case. 2017TechMinfy All Rights Reserved
Document Details Use Case Name TMDevOps Use Case03 First Draft 01 st Dec 2017 Author Reviewed By Prabhakar D Pradeep Narayanaswamy Contents Scope... 4 About Customer... 4 Use Case Description... 4 Primary
More informationNetwork Automation at Oracle+Dyn NANOG on the Road Boston, 14 Sept 2017
Network Automation at Oracle+Dyn NANOG on the Road Boston, 14 Sept 2017 Carlos Vicente We ve come a long way January 2014: 18 sites and a few hundred devices with configurations manually crafted for years
More informationTM DevOps Use Case. 2017TechMinfy All Rights Reserved
Document Details Use Case Name TMDevOps Use Case04 First Draft 10 th Dec 2017 Author Reviewed By Amrendra Kumar Pradeep Narayanaswamy Contents Scope... 4 About Customer... 4 Pre-Conditions/Trigger... 4
More informationDatabase Lifecycle Management Pack Combined Configuration, Change, Provisioning and Patch Mgmt
Enterprise Cloud Management-- Enabled by Oracle Enterprise Manager Database Lifecycle Management Pack Combined Configuration, Change, Provisioning and Patch Mgmt Enterprise Manager
More informationOvercoming Cybersecurity Threats with RES
Overcoming Cybersecurity Threats with RES Lobe Bodin Massimo Salvini Next Generation Threats Göteborg 1 2016 RES Software. All rights reserved. 2 Your users are the weakest links. 3 They re also your organization
More informationPerkit Benchmarker: A User Perspective. Feb 27th, Liqun (Legion) Cheng Staff Performance Engineer, Google Platforms
Perkit Benchmarker: Feb 27th, 2015 A User Perspective Liqun (Legion) Cheng Staff Performance Engineer, Google Platforms liquncheng@google.com Goal To create an OpenSource Living Benchmark Framework that
More informationSDx and the Future of Infrastructure
SDx and the Future of Infrastructure John Manville, SVP, Global Infrastructure Services, Cisco Radhika Chagarlamudi, Sr. Dir., IT, Business Collaboration and Software Platforms ITM-1004 A Ten Year Journey..
More informationVenafi Platform. Architecture 1 Architecture Basic. Professional Services Venafi. All Rights Reserved.
Venafi Platform Architecture 1 Architecture Basic Professional Services 2018 Venafi. All Rights Reserved. Goals 1 2 3 4 5 Architecture Basics: An overview of Venafi Platform. Required Infrastructure: Services
More informationColligo Engage Console. User Guide
Colligo Engage Console User Guide Contents Introduction...3 Console Login for End Users... 3 Console Setup for Administrators... 3 Users...3 Groups...5 Sites... 6 Adding Locations to Sites... 7 Reporting...8
More informationBuild & Launch Tools (BLT) Automating best practices for enterprise sites
Build & Launch Tools (BLT) Automating best practices for enterprise sites Who are you? Matthew Grasmick @grasmash on Drupal.org, twitter, etc. Acquia Professional Services, 4yrs Drupalist, 9yrs Maintainer
More informationAGENDA. 13:30-14:25 Gestion des patches, du provisionning et de la configuration de RHEL avec Satellite 6.1, par Michael Lessard, Red Hat
AGENDA 13:30-14:25 Gestion des patches, du provisionning et de la configuration de RHEL avec Satellite 6.1, par Michael Lessard, Red Hat 14:25-14:35 Capsule : Surveiller les accès aux fichiers avec Auditd,
More informationDevOps Course Content
Introduction to DevOps: Background Ingredients of DevOps DevOps principles Who has adopted? Mirage or Reality? Challenges, Domain specific Technology specific DevOps Toolchain (Practices and Tools) SDLC
More informationBUILDING A GPU-FOCUSED CI SOLUTION
BUILDING A GPU-FOCUSED CI SOLUTION Mike Wendt @mike_wendt github.com/nvidia github.com/mike-wendt Need for CPU CI Challenges of GPU CI Methods to Implement GPU CI AGENDA Improving GPU CI Today Demo Lessons
More informationOrchestrating the Continuous Delivery Process
Orchestrating the Continuous Delivery Process steven.g.harris@cloudbees.com @stevengharris SVP Products, CloudBees 1 Continuous Delivery Overview Feedback Loop App Lifecycle BUILD TEST STAGE Deploy Run
More informationEVERYTHING AS CODE A Journey into IT Automation and Standardization. Raphaël Pinson
EVERYTHING AS CODE A Journey into IT Automation and Standardization Raphaël Pinson Who am I? Raphaël Pinson aka Raphink Infrastructure Developer & Trainer Automation (Puppet, Augeas, Docker) Lausanne,
More informationDeploying a Private OpenStack Cloud at Scale. Matt Fischer & Clayton O Neill
Deploying a Private OpenStack Cloud at Scale Matt Fischer & Clayton O Neill Introduction Clayton O Neill clayton.oneill@twcable.com IRC: clayton Matt Fischer matt.fischer@twcable.com IRC: mfisch What Is
More informationJAMF Nation Roadshow. Sachin Parmar End User Toolset Manager
JAMF Nation Roadshow Sachin Parmar End User Toolset Manager About Just Eat Our vision Creating the world s greatest food community 3 About Me About Me Sachin Parmar 7+ years professionally in the Technology
More informationContinuous Delivery the hard way with Kubernetes. Luke Marsden, Developer
Continuous Delivery the hard way with Luke Marsden, Developer Experience @lmarsden Agenda 1. Why should I deliver continuously? 2. primer 3. GitLab primer 4. OK, so we ve got these pieces, how are we going
More informationCommunity Edition Getting Started Guide. July 25, 2018
Community Edition Getting Started Guide July 25, 2018 Copyright 2018 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the
More informationGIT FOR SYSTEM ADMINS JUSTIN ELLIOTT PENN STATE UNIVERSITY
GIT FOR SYSTEM ADMINS JUSTIN ELLIOTT PENN STATE UNIVERSITY 1 WHAT IS VERSION CONTROL? Management of changes to documents like source code, scripts, text files Provides the ability to check documents in
More informationCisco Tetration Analytics
Cisco Tetration Analytics Enhanced security and operations with real time analytics John Joo Tetration Business Unit Cisco Systems Security Challenges in Modern Data Centers Securing applications has become
More informationSurprisingly Successful: What Really Works in Cyber Defense. John Pescatore, SANS
Surprisingly Successful: What Really Works in Cyber Defense John Pescatore, SANS 1 Largest Breach Ever 2 The Business Impact Equation All CEOs know stuff happens in business and in security The goal is
More informationU-M Network Background Information Network Automation Strategy Network Automation Execution
U- Network Background Information Network Automation Strategy Network Automation Execution Organic Growth of U- Network Tools: A broad range of tools Commercial, open source, dead-end forks of open source,
More informationAutomating Security Practices for the DevOps Revolution
Automating Security Practices for the DevOps Revolution Hari Srinivasan Director Product Management, Cloud and Virtualization Security Qualys Inc. 1 Qualys, Inc. 2018 Agenda Transformation of today s IT
More informationFoundstone 7.0 Patch 6 Release Notes
Foundstone 7.0 Patch 6 Release Notes These release notes describe the changes and updates for Foundstone 7.0, patch 6. This application installs only the patch needed to update the Foundstone system. Foundstone
More informationBigFix 2018 Roadmap. Aram Eblighatian. Product Manager IBM BigFix. 14 May, 2018
BigFix 2018 Roadmap Aram Eblighatian Product Manager IBM BigFix 14 May, 2018 What's New in BigFix? BigFix Platform BigFix Platform v9.5.7 Released Oct. 2017 Gathering Performance improvements (WebUI and
More informationQuick Prototyping+CI with LXC and Puppet
Quick Prototyping+CI with LXC and Puppet Ben Kero 2014-05-04 Introduction Ben Kero Release Engineer Responsible for version control systems: CVS, SVN, BZR, Darcs, RCS, Git, Mercurial Before at Mozilla
More informationOslo 30 October 2018
Oslo 30 October 2018 Simplify Your Server Lifecycle Management Take advantage of Dell EMC OpenManage Systems Management Kjell Ove Tenold Senior Systems Engineer @ Dell EMC Why do I care about systems management?
More informationDEVOPS COURSE CONTENT
LINUX Basics: Unix and linux difference Linux File system structure Basic linux/unix commands Changing file permissions and ownership Types of links soft and hard link Filter commands Simple filter and
More informationGit! Fundamentals. IT Pro Roundtable! June 17, 2014!! Justin Elliott! ITS / TLT! Classroom and Lab Computing!! Michael Potter!
Git! Fundamentals IT Pro Roundtable! June 17, 2014!! Justin Elliott! ITS / TLT! Classroom and Lab Computing!! Michael Potter! IT Communications 1 What is Version Control? Version Control System (VCS)!
More informationSchool of Computing Science Gitlab Platform - User Notes
School of Computing Science Gitlab Platform - User Notes Contents Using Git & Gitlab... 1 Introduction... 1 Access Methods... 2 Web Access... 2 Repository Access... 2 Creating a key pair... 2 Adding a
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SAI2803BU The Road to Micro- Segmentation with VMware NSX #VMworld #SAI2803BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationCREATING A CLOUD STRONGHOLD: Strategies and Methods to Manage and Secure Your Cloud
CREATING A CLOUD STRONGHOLD: Strategies and Methods to Manage and Secure Your Cloud Ted Brunell Principal Solution Architect, DoD Programs tbrunell@redhat.com @DoDCloudGuy AGENDA Overview of Current Security
More informationAre You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus
Are You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus 1 60 Second AWS Security Review 2 AWS Terminology Identity and Access Management (IAM) - AWS Security Service to manage
More informationTeaching Elephants to Dance (and Fly!)
Teaching Elephants to Dance (and Fly!) IT s Journey to Digital Transformation Red Hat GEMs Jason Peng, Senior Solution Architect 6 Blind Men (and an elephant) IT s Reality What most of us are up against.
More informationglu deployment automation platform July 2011 Yan Pujante in: blog:
glu deployment automation platform July 2011 Yan Pujante in: http://www.linkedin.com/in/yan blog: http://pongasoft.com/blog/yan @yanpujante * To see a video of this presentation given at Chicago devops,
More informationSailPoint IdentityIQ Integration with the BeyondInsight Platform. Providing Complete Visibility and Auditing of Identities
SailPoint IdentityIQ Integration with the BeyondInsight Platform Providing Complete Visibility and Auditing of Identities Table of Contents Executive Summary... 3 Identity and Access Management... 5 BeyondTrust
More informationResearch Faculty Summit Systems Fueling future disruptions
Research Faculty Summit 2018 Systems Fueling future disruptions Continuous Delivery for Bing UX Chap Alex Engineering Manager, Microsoft Core Bing-wide Principles Live-site quality is paramount Constant
More informationPeopleSoft Finance Access and Security Audit
PeopleSoft Finance Access and Security Audit City of Minneapolis Internal Audit Department September 20, 2016 1 Contents Page Background... 3 Objective, Scope and Approach... 3 Audit Results and Recommendations...
More informationAutomating for Agility in the Data Center. Purnima Padmanabhan Jeff Evans BMC Software
Automating for Agility in the Data Center Purnima Padmanabhan Jeff Evans BMC Software 9/5/2006 Agenda The Situation Challenges Objectives BMC Solution for Data Center Closed-Loop Change Data Center Optimization
More informationWe are ready to serve Latest Testing Trends, Are you ready to learn?? New Batches Info
We are ready to serve Latest Testing Trends, Are you ready to learn?? New Batches Info START DATE : TIMINGS : DURATION : TYPE OF BATCH : FEE : FACULTY NAME : LAB TIMINGS : PH NO: 9963799240, 040-40025423
More informationAdvanced Continuous Delivery Strategies for Containerized Applications Using DC/OS
Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS ContainerCon @ Open Source Summit North America 2017 Elizabeth K. Joseph @pleia2 1 Elizabeth K. Joseph, Developer Advocate
More informationManageEngine OpManager NCM Plug-in :::::: Page 2
Abstract Enterprises depend on network availability for business continuity. To keep the network up and running, it is bare essential to have a robust, reliable fault and performance management software
More informationITSM20F_Umang. Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0. Exin ITSM20F
ITSM20F_Umang Number: ITSM20F Passing Score: 800 Time Limit: 120 min File Version: 4.0 http://www.gratisexam.com/ Exin ITSM20F IT Service Management Foundation based on ISO/IEC 20000 (ITSM20F.EN) Version:
More informationTips for Passing an Audit or Assessment
Tips for Passing an Audit or Assessment Rob Wayt CISSP-ISSEP, HCISPP, CISM, CISA, CRISC, CEH, QSA, ISO 27001 Lead Auditor Senior Security Engineer Structured Communication Systems Who likes audits? Compliance
More informationWhat your TOP CYBER SECURITY THREATS Have in Common
What your TOP CYBER SECURITY THREATS Have in Common Dan Klemack RES Field Sales Manager Jason Breslaw RES Solutions Engineer 1 2016 RES Software. All rights reserved. Data Connectors Chicago Suburbs, IL
More informationDynamic Datacenter Security Solidex, November 2009
Dynamic Datacenter Security Solidex, November 2009 Deep Security: Securing the New Server Cloud Virtualized Physical Servers in the open Servers virtual and in motion Servers under attack 2 11/9/09 2 Dynamic
More informationCitrix Workspace Cloud
Citrix Workspace Cloud Roger Bösch Citrix Systems International GmbH Workspace Cloud is a NEW Citrix Management and Delivery Platform Customers Now Have a Spectrum of Workspace Delivery Options Done By
More informationNITA Based Offers and Services
NITA Based Offers and Services Jessica Garrison, @networkjessica, jgarrison@juniper.net Global Architect, Professional Services Network Automation Team This statement of direction sets forth Juniper Networks
More informationInternal Compliance Use Cases
Internal Compliance Use Cases Overview The vast majority of IT and network teams have best practices or gold standards for network device configurations in order to maintain a stable and secure infrastructure
More informationFUJITSU Cloud Service K5 SF Service Functional Overview
FUJITSU Cloud Service K5 SF Service Functional Overview August 2017 Fujitsu Limited - Unauthorized copying and replication of the contents of this document is prohibited. - The contents of this document
More informationOrchestrate JBoss Middleware with Ansible Tower Red Hat Summit San Francisco
Orchestrate JBoss Middleware with Ansible Tower Red Hat Summit 2016 - San Francisco Marc Zottner Architect, Red Hat mzottner@redhat.com 29/06/2016 Roeland van de Pol Architect, Red Hat rvandepol@redhat.com
More informationAnsible Cookbook 2014
René Moser Tue Nov 25 23:13:45 UTC 2014 1 Contents Contents Intro 4 Basics 5 How do I use all hosts data in my play or template? 6 Solution................................................... 6 Explanation.................................................
More informationHP DataCenter Automation at T-Systems Enterprise Services GmbH Using the example of the HP SA Project for one of our TOP 5 customers Beatrix Andres
HP DataCenter Automation at T-Systems Enterprise Services GmbH Using the example of the HP SA Project for one of our TOP 5 customers Beatrix Andres T-Systems Enterprise Services GmbH Service Line Computing
More informationCloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops.
George Gerchow, Sumo Logic Chief Information Security Officer Cloud is the 'Only' Way Forward in Information Security. Leveraging Scale to Make the Unknown Known, in Dev, Sec & Ops. Agenda Sumo Security
More informationGETTING TO KNOW GIT: PART II JUSTIN ELLIOTT PENN STATE UNIVERSITY
GETTING TO KNOW GIT: PART II JUSTIN ELLIOTT PENN STATE UNIVERSITY 1 REVERTING CHANGES 2 REVERTING CHANGES Change local files git reset git checkout Revert a commit in the branch history git revert Reset
More informationBeing a puppet master
Being a puppet master More money, more time, more happiness, less work Thomas Merkel http://www.flickr.com/photos/serenaseblu/5062987760/ Agenda Overview Organize the master Modules Resources
More informationContinuous Integration Ensemble / HealthShare Health Connect
Continuous Integration Ensemble / HealthShare Health Connect The scope of IT within an organisation is largely related to automating Business processes. So why not automate IT processes for once? Version
More informationContinuous Delivery of your infrastructure. Christophe
Continuous Delivery of your infrastructure Christophe Vanlancker @Carroarmato0 Christophe Vanlancker Internal operations and consulting Mentor Kris couldn t make it so I s/kris/christophe/g Todays Goals
More informationHow Identity Management Solves Five Hadoop Security Risks
How Identity Management Solves Five Hadoop Security Risks WWW.CENTRIFY.COM How Identity Management Solves Five Hadoop Security Risks Contents Executive Summary 3 With Big Data Comes Big Responsibility
More informationModern Database Architectures Demand Modern Data Security Measures
Forrester Opportunity Snapshot: A Custom Study Commissioned By Imperva January 2018 Modern Database Architectures Demand Modern Data Security Measures GET STARTED Introduction The fast-paced, ever-changing
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
NET3420BU Introducing VMware s Transformative Data Center Endpoint Security Solution Vijay Ganti Director, Product Management VMware Christopher Frenz Director of Infrastructure Interfaith Medical Center
More informationGoal 1: Maintain Security of ITS Enterprise Systems
INFORMATION TECHNOLOGY SERVICES University Technology Administration, Infrastructure and Support Open Systems Infrastructure Calendar Year 2018 Overview The primary mission of Open Systems Infrastructure
More information